fix: use browser redirect page for mx login

This commit is contained in:
Marek Miklewicz
2026-06-30 19:34:01 +02:00
parent 7d3d458160
commit d5894a1935
5 changed files with 48 additions and 3 deletions
+31
View File
@@ -45,6 +45,37 @@ final class Http
exit;
}
public static function browserRedirectNoStore(string $url): void
{
header('Content-Type: text/html; charset=UTF-8');
header('Cache-Control: no-store, private');
header('Pragma: no-cache');
header('Referrer-Policy: no-referrer');
header('X-Content-Type-Options: nosniff');
header("Content-Security-Policy: default-src 'none'; script-src 'unsafe-inline'; style-src 'unsafe-inline'; base-uri 'none'; form-action 'none'");
echo self::redirectPageHtml($url);
exit;
}
public static function redirectPageHtml(string $url): string
{
$safeUrl = htmlspecialchars($url, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
$jsonUrl = json_encode($url, JSON_UNESCAPED_SLASHES | JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
if (!is_string($jsonUrl)) {
$jsonUrl = '"/"';
}
return '<!doctype html><html lang="pl"><head><meta charset="utf-8">'
. '<meta name="viewport" content="width=device-width, initial-scale=1">'
. '<meta http-equiv="refresh" content="0;url=' . $safeUrl . '">'
. '<title>Serwer poczty</title></head><body>'
. '<script>(function(){var target=' . $jsonUrl . ';'
. 'try{if(window.top){window.top.location.replace(target);return;}}catch(e){}'
. 'window.location.replace(target);}());</script>'
. '<p><a rel="noreferrer" href="' . $safeUrl . '">Otwórz panel poczty</a></p>'
. '</body></html>';
}
public static function errorPage(string $message, int $status): void
{
http_response_code($status);